ITS Homepage Click here for text version of ITS homepage
Contact UAlbany Directories Calendars & Schedules Visitors Site Index Search
Admissions Academics Research IT Services Libraries Athletics
alerts_tag
Security fixes available for Adobe Acrobat and Reader


ALARM Group ALERT - click for a description of ALARM, The Computing Alert System


Alert Number: 062408-01
Alert Date: 06/24/08
Alert Title: Security fixes available for Adobe Acrobat and Reader
Update-to: None
OS/Platform/Application:

Adobe Reader versions 8.0 through 8.1.2
Adobe Reader version 7.0.9 and earlier (7.1.0 is not vulnerable)
Adobe Acrobat Professional, 3D and Standard versions 8.0 through 8.12
Adobe Acrobat Professional, 3D and Standard version 7.0.9 and earlier (7.1.0 is not vulnerable)

Category: ALERT
Severity: HIGH
Attention: Adobe Reader and Acrobat users (on Windows and Mac systems), System Administrators, Desktop Support Personnel.

Summary: On June 23 2008 Adobe Systems published a security bulletin that details a vulnerability in some versions of its popular Reader and Acrobat products.  The most likely mechanism of exploit for this vulnerability is the handling of a maliciously-crafted PDF document*.  Successful exploitation could result in a range of unfavorable outcomes including application/system crash and complete takeover of a vulnerable system.  According to the vendor, active exploitation of this vulnerability may already be occurring on the Internet.

*It is important to note that recent research into the nature and trends of maliciously-crafted sites shows the majority of websites hosting maliciously-crafted software are ones users presume to be "legitimate" sites or advertisements for well-known and/or trusted products.

Recommended Actions:  Adobe has made available a security patch for version 8 of its Reader and Acrobat products.  For users of version 7.0.9 and earlier of these products the vendor is recommending that users upgrade to version 7.1.0 which is not vulnerable to this exploit.  REPORTS OF CURRENT, ACTIVE EXPLOITATION OF THIS VULNERABILITY ON THE INTERNET MAKE IT HIGHLY IMPORTANT THAT THE SECURITY PATCH OR UPDATE BE APPLIED AS SOON AS POSSIBLE FOR ALL VULNERABLE COMPUTERS.

Adobe Reader and/or Acrobat are popular applications found on many computers.  If you are unsure which version of software is present on your computer you can check by opening the program and then selecting (from the top toolbar) Help>About Adobe reader..., etc.

Readers are encouraged to share this alert with family, friends, and associates.

ITS Actions: N/A

Resources:

Adobe Security Advisory:
http://www.adobe.com/support/security/bulletins/apsb08-15.html
 

BLANKABCDEFGHIJKLMBLANK
BLANKNOPQRSTUVWXYZBLANK
CHOOSE FROM the ITS Site Index

GO TO an ITS Group

Information Technology Services
University at Albany, SUNY
1400 Washington Avenue
Albany, NY 12222
ITS Service Centers:  518-442-4000
  		University at Albany Home Page
Contact UAlbany | Directories | Calendars | Visitors | Site Index | Search
Admissions | Academics | Research | IT Services | Libraries | Athletics
Internet Privacy Policy              IT Policies